Obligation of information

In relation to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR”) that has been in force since 25 May 2018, we would like to inform that we process your personal data. Furthermore, we would like to notify that:

2. The Data Protection Officer has been appointed for the purpose of proper protection of your personal data. The Officer may be contacted at e-mail address: [email protected];

3. Your personal data are processed for the purpose of the business activity performed by the Controllers and their mutual cooperation in compliance with article 6 sec. 1 letters B and F of GDPR, including in particular for the purpose of:

a. proper execution of agreements that have been concluded with you,

b. financial and accounting settlements,

c. marketing activities and distribution of commercial information, but only if you express your separate consent for such activities, that is in compliance with article 6 sec. 1 letters A of GDPR,

d. defence of claims and assertion of claims;

e. handling compliance procedures;

4. Your personal data have been collected only in relation to our previous contacts in respect to the activities conducted and they include name (names) and surname, e-mail address, contact address, legal name of a represented entity, phone number, position, bank account number, and in case of entrepreneurs also NIP (tax identification number), REGON (Polish business registry number), KRS (National Court Register number) and address of company’s registered office;

5. Your personal data will be disclosed to other entities (including to third parties) only for the purpose of proper execution of the agreement concluded with you, fulfilment of the Controllers’ obligations defined in legal provisions, protection of rights in compliance with applicable legal provisions and fulfilment of legitimate interest of the Controllers within the meaning of the provision on personal data protection. Furthermore, we would like to inform that such entities will be obliged to apply proper technical and organisational means under agreements concluded with the Controller, in order to protect duly your personal data. Personal data will be also disclosed to entities, which are entitled to obtain them under applicable legal provisions;

6. Every data subject has a right to demand deletion of personal data or restrict their processing, as well as a right to file a complaint to a supervisory authorities if they believe that personal data processing violates the GDPR provisions. Since 25 May 2018, the Chairperson of the Office for Personal Data Protection shall be the respective supervisory authority.